Wireshark-users: Re: [Wireshark-users] [Ethereal-users] SNA and Etherreal

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Fri, 10 Nov 2006 10:18:47 -0800
trefor.2.edwards@xxxxxx wrote:
-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-users@xxxxxxxxxxxxx.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-users
-------------------



------------------------------------------------------------------------

HI

I work on a VMS (Ex Digital & HP - Now Compaq VMS) operating system

You presumably meant "Ex Digital & Compaq - now HP". :-)

and have a SNA trace file in both raw binary format and ASCII Analyzed format.

What do I need to do to get wonderful Ethereal to analyze these captured traces?

As the note added to your message by the mailing list software indicates, Ethereal development has moved to the new Wireshark project - different name, different Web site, same developers, same software. See

	http://www.wireshark.org/faq.html#q1.2

for a brief explanation.

Thus, given that "what you need to do" involves modifying the software, it's unlikely that Ethereal will ever do it, but it's possible that Wireshark will be modified to do it.

You would need to find out the file format of the raw binary format, and add code to Wireshark to read that format - or find out the file format and get somebody else to add that code, e.g. by posting a description of the file format, or a link to some place the file format description can be found, to the wireshark-users or wireshark-dev list.

If a description of the format is unavailable, then if you can supply multiple raw binary files, and corresponding analyzed files that show *all* the protocol layers in the file, we might be able to reverse-engineer it.